From ca5bcb27ae72b09a518c7cf9e4a05e3b1de4b668 Mon Sep 17 00:00:00 2001 From: Ry Jones Date: Wed, 25 Sep 2019 10:18:53 -0700 Subject: [PATCH 1/4] [IN-68] Add default GitHub SECURITY policy this file must exist on the default branch Signed-off-by: Ry Jones Change-Id: Ie805816e929f4449689214c74964b71eac56e31d (cherry picked from commit 7b65a25a862375873e154d4cb10d53df144aa4bf) --- SECURITY.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..91509aa0 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,12 @@ +# Hyperledger Security Policy + +## Reporting a Security Bug + +If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer. + +There are two ways to report a security bug. The easiest is to email a description of the flaw and any related information (e.g. reproduction steps, version) to [security at hyperledger dot org](mailto:security@hyperledger.org). + +The other way is to file a confidential security bug in our [JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to “Security issue”. + +The process by which the Hyperledger Security Team handles security bugs is documented further in our [Defect Response page](https://wiki.hyperledger.org/display/HYP/Defect+Response) on our [wiki](https://wiki.hyperledger.org). + From 9915995df7b767a08549a267b8052bcd1d868fb4 Mon Sep 17 00:00:00 2001 From: "Matthew B. White" Date: Wed, 16 Oct 2019 10:56:14 +0100 Subject: [PATCH 2/4] [FAB-16844] Modify pattern for cc images - remove images that match dev-* - correcting a dependency Change-Id: I603dc822260be827ca36677e5c05aa5f196858ae Signed-off-by: Matthew B. White --- chaincode/fabcar/java/build.gradle | 2 +- first-network/byfn.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/chaincode/fabcar/java/build.gradle b/chaincode/fabcar/java/build.gradle index 37d2b3ae..50e8f524 100644 --- a/chaincode/fabcar/java/build.gradle +++ b/chaincode/fabcar/java/build.gradle @@ -13,7 +13,7 @@ group 'org.hyperledger.fabric.samples' version '1.0-SNAPSHOT' dependencies { - implementation 'org.hyperledger.fabric-chaincode-java:fabric-chaincode-shim:2.0.0-SNAPSHOT' + implementation 'org.hyperledger.fabric-chaincode-java:fabric-chaincode-shim:1.4.3' implementation 'com.owlike:genson:1.5' testImplementation 'org.junit.jupiter:junit-jupiter:5.4.2' testImplementation 'org.assertj:assertj-core:3.11.1' diff --git a/first-network/byfn.sh b/first-network/byfn.sh index e6c3811b..57a3447c 100755 --- a/first-network/byfn.sh +++ b/first-network/byfn.sh @@ -92,7 +92,7 @@ function askProceed() { # Obtain CONTAINER_IDS and remove them # TODO Might want to make this optional - could clear other containers function clearContainers() { - CONTAINER_IDS=$(docker ps -a | awk '($2 ~ /dev-peer.*.mycc.*/) {print $1}') + CONTAINER_IDS=$(docker ps -a | awk '($2 ~ /dev-peer.*/) {print $1}') if [ -z "$CONTAINER_IDS" -o "$CONTAINER_IDS" == " " ]; then echo "---- No containers available for deletion ----" else @@ -104,7 +104,7 @@ function clearContainers() { # specifically the following images are often left behind: # TODO list generated image naming patterns function removeUnwantedImages() { - DOCKER_IMAGE_IDS=$(docker images | awk '($1 ~ /dev-peer.*.mycc.*/) {print $3}') + DOCKER_IMAGE_IDS=$(docker images | awk '($1 ~ /dev-peer.*/) {print $3}') if [ -z "$DOCKER_IMAGE_IDS" -o "$DOCKER_IMAGE_IDS" == " " ]; then echo "---- No images available for deletion ----" else From b92ff73374b48f0cdab194cda903379aeea46aaf Mon Sep 17 00:00:00 2001 From: Simon Stone Date: Wed, 16 Oct 2019 17:09:54 +0100 Subject: [PATCH 3/4] [FAB-16849] Various updates for Java version of FabCar - Update .gitignore - Use builds on Sonatype, not Nexus - Enable new discovery as localhost flag Signed-off-by: Simon Stone Change-Id: Ia0904cedf953b5ecbf6aaf859245a9bb431d3f76 (cherry picked from commit 81aabf4c0bec59e6a158045078f3c0ece971a2a2) --- fabcar/java/.gitignore | 4 +++- fabcar/java/pom.xml | 10 +++++----- fabcar/java/src/main/java/org/example/ClientApp.java | 4 ++++ fabcar/java/src/main/java/org/example/EnrollAdmin.java | 4 ++++ .../java/src/main/java/org/example/RegisterUser.java | 4 ++++ 5 files changed, 20 insertions(+), 6 deletions(-) diff --git a/fabcar/java/.gitignore b/fabcar/java/.gitignore index 5fbd19f5..3aa04dcb 100755 --- a/fabcar/java/.gitignore +++ b/fabcar/java/.gitignore @@ -2,4 +2,6 @@ /target/ .settings/ .classpath -.project \ No newline at end of file +.project +wallet +!wallet/.gitkeep \ No newline at end of file diff --git a/fabcar/java/pom.xml b/fabcar/java/pom.xml index 37733b1b..01d15179 100644 --- a/fabcar/java/pom.xml +++ b/fabcar/java/pom.xml @@ -19,16 +19,16 @@ - hyperledger - Hyperledger Nexus - https://nexus.hyperledger.org/content/repositories/snapshots + oss-sonatype + OSS Sonatype + https://oss.sonatype.org/content/repositories/snapshots - org.hyperledger.fabric-gateway-java + org.hyperledger.fabric fabric-gateway-java - 1.4.0-SNAPSHOT + 1.4.1-SNAPSHOT org.junit.platform diff --git a/fabcar/java/src/main/java/org/example/ClientApp.java b/fabcar/java/src/main/java/org/example/ClientApp.java index c69f52be..6589410a 100755 --- a/fabcar/java/src/main/java/org/example/ClientApp.java +++ b/fabcar/java/src/main/java/org/example/ClientApp.java @@ -14,6 +14,10 @@ import org.hyperledger.fabric.gateway.Wallet; public class ClientApp { + static { + System.setProperty("org.hyperledger.fabric.sdk.service_discovery.as_localhost", "true"); + } + public static void main(String[] args) throws Exception { // Load a file system based wallet for managing identities. Path walletPath = Paths.get("wallet"); diff --git a/fabcar/java/src/main/java/org/example/EnrollAdmin.java b/fabcar/java/src/main/java/org/example/EnrollAdmin.java index 4d4db122..b9992de7 100644 --- a/fabcar/java/src/main/java/org/example/EnrollAdmin.java +++ b/fabcar/java/src/main/java/org/example/EnrollAdmin.java @@ -17,6 +17,10 @@ import org.hyperledger.fabric_ca.sdk.HFCAClient; public class EnrollAdmin { + static { + System.setProperty("org.hyperledger.fabric.sdk.service_discovery.as_localhost", "true"); + } + public static void main(String[] args) throws Exception { // Create a CA client for interacting with the CA. diff --git a/fabcar/java/src/main/java/org/example/RegisterUser.java b/fabcar/java/src/main/java/org/example/RegisterUser.java index d972a01b..f892bef9 100644 --- a/fabcar/java/src/main/java/org/example/RegisterUser.java +++ b/fabcar/java/src/main/java/org/example/RegisterUser.java @@ -20,6 +20,10 @@ import org.hyperledger.fabric_ca.sdk.RegistrationRequest; public class RegisterUser { + static { + System.setProperty("org.hyperledger.fabric.sdk.service_discovery.as_localhost", "true"); + } + public static void main(String[] args) throws Exception { // Create a CA client for interacting with the CA. From 750474d458408cbb02978adfe9c1a7f63f44a700 Mon Sep 17 00:00:00 2001 From: Simon Stone Date: Wed, 16 Oct 2019 17:17:01 +0100 Subject: [PATCH 4/4] [FAB-16850] Set up CI with Azure Pipelines Signed-off-by: Simon Stone Change-Id: I3821a329ec5eb439ce0f27cfbc71b28e6b0b8a09 --- ci/azure-pipelines.yml | 51 ++++++++++++++++++++++++++++++++++++++++ ci/fabcar-go.yml | 8 +++++++ ci/fabcar-java.yml | 14 +++++++++++ ci/fabcar-javascript.yml | 19 +++++++++++++++ ci/fabcar-typescript.yml | 22 +++++++++++++++++ ci/install-deps.yml | 7 ++++++ ci/install-fabric.yml | 34 +++++++++++++++++++++++++++ 7 files changed, 155 insertions(+) create mode 100644 ci/azure-pipelines.yml create mode 100644 ci/fabcar-go.yml create mode 100644 ci/fabcar-java.yml create mode 100644 ci/fabcar-javascript.yml create mode 100644 ci/fabcar-typescript.yml create mode 100644 ci/install-deps.yml create mode 100644 ci/install-fabric.yml diff --git a/ci/azure-pipelines.yml b/ci/azure-pipelines.yml new file mode 100644 index 00000000..9c57962f --- /dev/null +++ b/ci/azure-pipelines.yml @@ -0,0 +1,51 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +trigger: + - master + - release-1.4 + +jobs: + - job: fabcar_go + displayName: FabCar (Go) + pool: + vmImage: ubuntu-18.04 + dependsOn: [] + timeoutInMinutes: 60 + steps: + - template: install-deps.yml + - template: install-fabric.yml + - template: fabcar-go.yml + - job: fabcar_java + displayName: FabCar (Java) + pool: + vmImage: ubuntu-18.04 + dependsOn: [] + timeoutInMinutes: 60 + steps: + - template: install-deps.yml + - template: install-fabric.yml + - template: fabcar-java.yml + - job: fabcar_javascript + displayName: FabCar (JavaScript) + pool: + vmImage: ubuntu-18.04 + dependsOn: [] + timeoutInMinutes: 60 + steps: + - template: install-deps.yml + - template: install-fabric.yml + - template: fabcar-javascript.yml + - job: fabcar_typescript + displayName: FabCar (TypeScript) + pool: + vmImage: ubuntu-18.04 + dependsOn: [] + timeoutInMinutes: 60 + steps: + - template: install-deps.yml + - template: install-fabric.yml + - template: fabcar-typescript.yml + + diff --git a/ci/fabcar-go.yml b/ci/fabcar-go.yml new file mode 100644 index 00000000..d8c472b9 --- /dev/null +++ b/ci/fabcar-go.yml @@ -0,0 +1,8 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: bash startFabric.sh go + workingDirectory: fabcar + displayName: Start Fabric diff --git a/ci/fabcar-java.yml b/ci/fabcar-java.yml new file mode 100644 index 00000000..9597bd54 --- /dev/null +++ b/ci/fabcar-java.yml @@ -0,0 +1,14 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: bash startFabric.sh java + workingDirectory: fabcar + displayName: Start Fabric + - script: retry -- mvn dependency:go-offline + workingDirectory: fabcar/java + displayName: Install FabCar application dependencies + - script: mvn test + workingDirectory: fabcar/java + displayName: Run FabCar application diff --git a/ci/fabcar-javascript.yml b/ci/fabcar-javascript.yml new file mode 100644 index 00000000..3f910747 --- /dev/null +++ b/ci/fabcar-javascript.yml @@ -0,0 +1,19 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: bash startFabric.sh javascript + workingDirectory: fabcar + displayName: Start Fabric + - script: retry -- npm install + workingDirectory: fabcar/javascript + displayName: Install FabCar application dependencies + - script: | + set -ex + node enrollAdmin + node registerUser + node invoke + node query + workingDirectory: fabcar/javascript + displayName: Run FabCar application diff --git a/ci/fabcar-typescript.yml b/ci/fabcar-typescript.yml new file mode 100644 index 00000000..8bbe48bb --- /dev/null +++ b/ci/fabcar-typescript.yml @@ -0,0 +1,22 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: bash startFabric.sh typescript + workingDirectory: fabcar + displayName: Start Fabric + - script: retry -- npm install + workingDirectory: fabcar/typescript + displayName: Install FabCar application dependencies + - script: npm run build + workingDirectory: fabcar/typescript + displayName: Build FabCar application + - script: | + set -ex + node dist/enrollAdmin + node dist/registerUser + node dist/invoke + node dist/query + workingDirectory: fabcar/typescript + displayName: Run FabCar application diff --git a/ci/install-deps.yml b/ci/install-deps.yml new file mode 100644 index 00000000..a414861f --- /dev/null +++ b/ci/install-deps.yml @@ -0,0 +1,7 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: sudo sh -c "curl https://raw.githubusercontent.com/kadwanev/retry/master/retry -o /usr/local/bin/retry && chmod +x /usr/local/bin/retry" + displayName: Install retry CLI \ No newline at end of file diff --git a/ci/install-fabric.yml b/ci/install-fabric.yml new file mode 100644 index 00000000..7828ec32 --- /dev/null +++ b/ci/install-fabric.yml @@ -0,0 +1,34 @@ +# +# SPDX-License-Identifier: Apache-2.0 +# + +steps: + - script: | + set -ex + mvn dependency:get -DremoteRepositories=https://nexus.hyperledger.org/content/repositories/snapshots -Dartifact=org.hyperledger.fabric:hyperledger-fabric-1.4.4-stable:linux-amd64.1.4.4-stable-SNAPSHOT:tar.gz + mvn dependency:copy -Dartifact=org.hyperledger.fabric:hyperledger-fabric-1.4.4-stable:linux-amd64.1.4.4-stable-SNAPSHOT:tar.gz -DoutputDirectory=/tmp + cd /usr/local + sudo tar xzvf /tmp/hyperledger-fabric-1.4.4-stable-linux-amd64.1.4.4-stable-SNAPSHOT.tar.gz + displayName: Download Fabric CLI + - script: | + set -ex + mvn dependency:get -DremoteRepositories=https://nexus.hyperledger.org/content/repositories/snapshots -Dartifact=org.hyperledger.fabric-ca:hyperledger-fabric-ca-1.4.4-stable:linux-amd64.1.4.4-stable-SNAPSHOT:tar.gz + mvn dependency:copy -Dartifact=org.hyperledger.fabric-ca:hyperledger-fabric-ca-1.4.4-stable:linux-amd64.1.4.4-stable-SNAPSHOT:tar.gz -DoutputDirectory=/tmp + cd /usr/local + sudo tar xzvf /tmp/hyperledger-fabric-ca-1.4.4-stable-linux-amd64.1.4.4-stable-SNAPSHOT.tar.gz + displayName: Download Fabric CA CLI + - script: | + set -ex + for i in ca ccenv javaenv peer orderer tools; do + docker pull nexus3.hyperledger.org:10001/hyperledger/fabric-$i:amd64-1.4.4-stable + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:amd64-1.4.4-stable hyperledger/fabric-$i:amd64-1.4.4-stable + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:amd64-1.4.4-stable hyperledger/fabric-$i:amd64-1.4.4 + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:amd64-1.4.4-stable hyperledger/fabric-$i:1.4.4 + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:amd64-1.4.4-stable hyperledger/fabric-$i:latest + done + for i in couchdb; do + docker pull nexus3.hyperledger.org:10001/hyperledger/fabric-$i:0.4.15 + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:0.4.15 hyperledger/fabric-$i:0.4.15 + docker tag nexus3.hyperledger.org:10001/hyperledger/fabric-$i:0.4.15 hyperledger/fabric-$i:latest + done + displayName: Pull Fabric Docker images